A friend who works for a video hosting site called my attention to an interesting phenomenon: one of their user accounts was displaying multiple pages of classic Viagra spams, with all the usual graphics. The graphic appeared as the main item in each post (the hosting service in question accepts still images as well as video), with the text of the spam — including hashbuster text — in the description field. The post titles consisted of classic spam subject lines, such as the recently popular ‘French rock star Bertrand Cantat released from prison’
and others of that kind.
November 2007 Archives
Unintended consequences
29 November 2007 - 01:08 PM | PermalinkContinue reading 'Unintended consequences'
The personal touch
14 November 2007 - 10:49 PM | PermalinkFor a while I've been keeping an eye on an apparently Chinese scammer, who sends out messages with subject lines like ________ thought you might like to see this item
. When opened, the message proves to contain a little bit of eBay-related boilerplate, some graphics lifted from eBay, some not-quite-English text and a link to one of a family of sites that appear to be hosted in China. The sites in question advertise expensive consumer goods at below market prices. The deceptive use of the eBay name and graphics, the fact that the domain names used change constantly and, of course, the use of spam for advertising makes it all but certain that this is a scam.
Continue reading 'The personal touch'
Pop-up stock spam
13 November 2007 - 11:06 PM | PermalinkSpammers using the Storm worm botnet appear to have launched a multi-format campaign to promote penny stock Hemisphere Gold Inc (HPGI.PK). In addition to sending plaintext and PDF spam promoting the stock, the operators have also apparently downloaded new software to infected Windows machines that causes pop-up messages advertising HPGI.PK to appear on victims' computers. Joe Stewart at SecureWorks, who has made an extensive study of Storm, has published a picture of the pop-up. Text shown in the pop-up matches text sent in the plaintext and PDF versions.
Segmented scraping
07 November 2007 - 09:58 AM | PermalinkOne of the commonest questions people ask about spam is “How did this spammer get my email address?”
It might even be the second commonest question asked, right behind “How do I make it stop?”
and just ahead of “How can I hunt this spammer down and shoot them like the dog they are?”
Continue reading 'Segmented scraping'
Clue exchange program
06 November 2007 - 01:58 PM | PermalinkTo judge by the message I just received, clues are in short supply in the link exchange industry.
Continue reading 'Clue exchange program'
Ron Paul
04 November 2007 - 11:33 AM | PermalinkOne possibly surprising thing about spam is that how little of it is political or religious in nature. Given the strong feelings both of these topics arouse, you'd expect to see more attempts by zealots to pitch the cause to an audience of millions. Yet, by and large, even the most passionate believers seem to stay away from spam.
Continue reading 'Ron Paul'